WORLD METEOROLOGICAL ORGANIZATION
GUIDE ON INTERNET PRACTICES
22 May 2000
Updated October 2003
A.1 Glossary [Separate document on WMO web site.]
A.2 Statement of Thirteenth WMO Congress on placing of additional data and products on the Internet
A.3 Information and assistance
The Commission for Basic Systems (CBS) agreed at its extraordinary session (Karlsruhe, Germany, 1998) that a Guide on Internet Practices should be developed to provide guidance for NMHSs to use in developing and implementing Internet services in support of their mission to provide information to the public and to promote the NMHSs. The Commission suggested the guide should include advice on what data to put on servers, how the data should be named or described, how it should be accessed, and how the server and the data it contained could be protected from unauthorised use.
Accordingly, the first version of this document was finalized in May 2000. CBS, at its twelfth session Geneva, November 2000) agreed that the Guide should be published in HTML format on the Internet, and that regular updates should be done. This current version has been updated in October 2003.
The Internet, a public telecommunications service, was established as a cooperative effort providing worldwide networking services among educational institutions, government agencies and various commercial and non-profit organizations. High-speed networking technologies and developments have made the Internet desirable for information dissemination and communications. The Internet also includes functions such as those for electronic mail (e-mail), file delivery using (FTP), World Wide Web (Web) and newsgroups.
Global access to and the use of the Internet have grown exponentially. The dramatic increase in use of these communication capabilities makes it necessary to establish guidance regarding the proper and efficient use of the Internet.
1.2 Scope of this document
The Internet is considered to be a public fundamental communications tool that may be used to support the mission of NMHSs by expanding information dissemination methods and connectivity through current supporting technologies. This guide is meant to outline the incorporative use of the Internet to enhance services provided by NMHSs. The Internet can provide added communication capability for the exchange of data and products among NMHSs. It can be used for disseminating meteorological, hydrological, and environmental products and services to anyone with Internet access. This document is directed at NMHS information services accessible to the Internet and servers as sources of information and not on the mechanics of the entire Internet itself.
The information contained in this guide is relevant to the exchange or dissemination of data, products and information for all WMO and related international programmes, including oceanography. Due to the subject matter, this document uses many technical terms. This can not be avoidable and an attempt to define the terms has been made to make it as readable as possible. However, the guide is not intended to serve as a technical reference manual on the Internet. Rather, it is intended to provide the basic background information needed by directors/decision makers in their investigation on using the Internet as a communication mechanism. Technical personnel responsible for implementation of Internet services would require more detailed technical information than can be provided in this guide. This additional information can be downloaded from servers on the Internet, purchased from bookstores, or found in technical libraries.
Another WMO document, the Guide on use of the Internet communication protocol called TCP/IP was developed for GTS use. This guide is targeted at a more technical audience with knowledge of networks and provides guidance needed to actually implement operational data exchange on networks using TCP/IP protocols on the dedicated GTS network. Although the Internet and dedicated GTS network protocols are the same, the Internet implementation is based on rules of the open public use of the TCP/IP protocol stack and routers and their configurations.
2. GETTING STARTED
2.1 Determine the audience
Computers that have access to the Internet provide a connectivity between distantly separated resources. This permits everyone, anywhere, to exchange, retrieve, and to view information among connected computer services. Each NMHS has the experience and background to know what types of information should be made available from their NMHS. Therefore, they should focus on determining the audience that they want to reach through the establishment of appropriate information content on the NMHS server services connected to the Internet using Content developers .
National - If the NMHS Web site is expected to have a strictly national focus, it should provide information and services suitable for a national audience. A subject of concern would be the geographical area and the ability of its national users to gain access to the Internet to be able to reach the server site. The local connection speed to the Internet that is supported by the local telecommunication provider and Internet Service Providers (ISPs) will determine the content subject matter and the style and format for the NMHS's information that is made available for the audience. The NMHS should consider the common access speeds supported by local ISPs to the client audience. There can be a wide range of connectivity speed depending on whether the target audience is the general public or a specific user community that uses higher connection speeds and computer technology not available to the general public. These issues will directly impact download time for both HyperText Transfer Protocol (HTTP) and File Transfer Protocol (FTP) services. These protocols are the basic protocols used by computer software firms in their software products today and ISP service speeds could limit the size of files and/or graphics the NMHS might like to include on its server. As the local Internet services spread and grow in capacity the NMHS server content can change to take advantage through enhanced services such as interactive retreival, information on demand, and complex request-reply.
International - The information should has a global audience focus on the NMHS Internet-accessible server . The structure and page format will have a different structure and the site contents will cover a broader subject matter and a different focus with topics such as global aviation and climate issues. Options for providing multi-lingual support for the web pages should be considered. An international audience will be much larger and will have widely varying technological capabilities such as high access speeds and support many different browser software versions. The server user load will be high and will place heavy loading on the NMHS's LAN and the data providing server. As the web site grows in popularity, heavier demands will force system upgrades. The software market is in constant change and continual growth, therefore, considerations to provide more and better capabilities will be required, such as security functional enhancements and system performance tools. New software and hardware client capabilities are not utilized uniformaly around the globe. A global service data provider must maintain both older software functions and implement new server capabilities to service all technical levels of customer capabilities.
2.2 Getting connected
In simple terms, the Internet is a collection of various commercial telecommunication networks connected together in which all computers communicate with each other using a basic common protocol called TCP/IP. This protocol is provided by all network supporting software packages. A connection to the Internet can be of two types. The first type is a non-permanent session normally called dail-up hich will connect to a local ISP. The second type is a contenuous permanent session to the ISP using a dedicated local line. The two major categories of access will vary in cost to the NMHS. The first normally uses the public telephone lines and the cost is based upon connect time. The second is a perminate paid local dedicated circuit and is higher in cost. The first type is normally slower in speed than the second type. The first type is a popular one for the customer seeking information for short periods. The second type is used for the data provider, for example the NMHS offering forecasts and general meteorlogical data for Internet accessed customers on a continual accessible bases.
Where to host your web site
To provide information services on the Internet, the information must be stored on a computer server that is connected permanently to the Internet. There are two major options that NMHSs can consider for hosting their Web pages: operate it on their own computers or contract with another government agency or with a commercial service provider.
To host its own Web pages an NMHS would provide a dedicated computer. This service does not have to be costly, for example, a PC would be sufficient for a small NMHS and could be purchased ready to use. The NMHS would have to purchase a permanent dedicated connection to the Internet. The NMHS would require a small staff of experts in writing web pages using the (Hypertext Mark-up Language) HTML language editor and a standard database for storage of the data to be provided. The most important issues to be considered when evaluating this option is cost and local support staff. Furthermore, when hosting a server there are many security issues, which are discussed in more detail in section 5 of this Guide.
Contracting with another agency or a commercial service provider to host your Web server is another option. Many service providers rent space on their computers at a specified rate. The NMHS would use a dial-up link to the Internet to update the content on the server. The commercial service will already address security for its servers. The information would still be updated electronically by the NMHS from its own computer. Instead of a commercial service, an NMHS might be able to use the Web server of a sister agency, such as the environmental ministry, university, etc. Finally, an NMHS can consider placing its web site on servers outside its own country either on a service provider’s or on the server of another, larger NMHS. This option, however, could be more costly for updating, as location for the dial-up connection may include long distance charges.
Most commercial ISPs will provide server space but require you to manage your own content. Some ISPs will provide Web page generation services using your input and a few will even provide the entire page construction from your own documentation. Of course, the price varies with the level of service provided. Additionally, if you rely upon an ISP to develop and maintain your pages, updates would normally not be completely under your control nor as current as you would like.
When considering which ISP to use an NMHS should keep in mind that the Internet is a global communication service and many ISPs operate internationally. This could be a factor in a selection of an ISP, if you should choose to use one, as an ISPs Internet backbone connectivity is an important part of the selection process. This server location can determine global availability to the NMHS Web pages. It is also possible to work through a local university to house an NMHS web site, as their connectivity to the Internet normally uses a very high bandwidth communications connection and they often run the same ISP service capability as a commercial company. If the NMHS requires 24 hour 7-day a week service then it should ensure its ISP provides this level of support. All of these options should be carefully evaluated by either a consultant firm or your own staff, if you possess the necessary expertise. It may be possible to use another sister agancies experts. The NMHS locality has a significant impact on services and cost.
You should coordinate Internet access and Internet services with the appropriate commerical telecommunications network management and program management officials within your NMHS or government as appropriate. The following discussion will be somewhat technicial. This is necessary as the subject matter covers low level configuration issues. This coordination would normally include, as a minimum:
Once your NMHS has decided to make products available on the Internet, your server would need an address and a name to identify itself. On the Internet every computer has an address (IP address), which is a quadruplet of integers each with a value in the range (0 - 255) separated by dots: for example 18.104.22.168. Since the numeric Internet addresses are primarily used for network routing and difficult to work with, servers on the Internet are given names constructed by adding a designation to the front of a domain name. The server names are made up of text labels you can remember separated by dots, for example: www.mysite.net. The name is stored locally in a DNS server for translation by the network software to obtain the real numeric address of the server. The www and mysite is the server name and the .net would be the domain name. The names are organized in a hierarchical structure. Each computer on the Internet belongs to a group (domain) which may belong to another higher-level domain. The leftmost part of the name, therefore, is specific to the computer while the rightmost portion is the top-level domain. An example of this domain level structure is www.cma.gov.cn where the ".gov" is a sub-domain in ".cn" the country of China. The following top-level domain names are defined for the Internet for all countries/geographical areas (others are now being added). Two additional top-level domain names are used exclusively in the USA: gov (government) and mil (military).
com Commercial organization net Networking organization edu School int International organization org Other organization
In addition there are about 240 countries or geographical top-level domains represented by 2-letter codes as defined in the ISO-3166 standard, which is available on-line at http://www.iso.org/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/list-en1.html (English country list) or http://www.iso.org/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/list-fr1.html (French country list). E.g. "ch" represents the top-level domain for naming servers on the Internet in Switzerland.
The Internet servers of NMHSs are normally named under the country or geographical top domain. An ISP should be able to provide assistance in obtaining an Internet address and registration of a domain name. The registration of domain names may require a cost charged to the requestor. This service is provided by the InterNIC a servicing company for the Internet. This process of registration also requires the designation of a Domain Name translation service (or DNS server) to handle the translation between the character name and network IP address. During the configuration of your PC for network use, a DNS translation is required and an IP address of a local DNS server is a part of the installation of your network driver.
Standard names are often used for servers. Normally Web servers use www while FTP servers use ftp. However, these names are used only by convention and are not required. What is required is the server port address designation which is either "http" or "ftp". This directs the routing to the IP interface address to either the port 80 for web server applications software entry or to the file server software application which are ports 20/21. An example of server URL name construction therefore would be http://www.meteo.fr for web services and ftp://ftp.meteo.fr for ftp or file transfer applications. Note: the ftp takes you to a sub-directory only and both sites are located in France.
Having set up its Internet access, an NMHSs should advertise its presence on the Internet by registration of its server with the WMO list of NMHS Internet home page addresses and with Internet search engines. Links to the NMHS server from other related web sites can also help to promote the server name visibility.
2.3 Considerations of the Technology
Web servers, FTP servers, electronic mailing lists and Internet newsgroups are excellent tools for information exchange, especially when people have to communicate over long distances. However, each technology has its own advantages and disadvantages depending upon what is required. For example, Web servers are good at delivering general information to the public while they are not as effective in delivering volatile information to a limited number of persons. Electronic mailing lists or forums are more effective in that case. Utilising a combination of technologies, using each where it is most appropriate, can provide the best services. For example, an NMHS might provide general information and request users to specify their requirements for data on a Web page, deliver the data via FTP and confirm requests via e-mail.
Most Internet services are designed as client-server applications. In general, servers deliver data and clients receive it.
The relationship between Internet services and protocols and software that supports them can be confusing. The following table illustrates the relationships between the most commonly provided services, protocols and software.
Table 2.1 – Internet services, protocols and tools
Examples of Software
|Server side: SMTP + MIME||Sendmail||Outlook, Netscape communicator, Eudora.|
|Web||HTTP||Apache, Netscape, Internet Information Server||Netscape, Internet Explorer, Opera, WebTV|
|FTP||FTP||BeroFTPD, proFTPD, WU-FTP||All browsers, WS-FTP|
Purposes for which the various Internet technologies are most suited are outlined below and summarised in Table 2.2.
The Web (commonly labelled as the WWW) is a presentation-page-based service supported by HTTP application software. It is the single most significant contributor to the Internet phenomenon. Web documents, which users retrieve from servers using a browser , which is provided with all Windows operating systems, (the client) can contain text, images, movie clips, sound files and hyperlinks (Uniform Resource Locators [URLs]) which are addresses to other documents. This action is simple With a mouse click on a link, the user can go from one point of the document to another and from one document to another, which may be stored on the same or a different server. This capability makes access to information on the Internet extremely powerful and easy to use.
In the Web, text documents are formatted with a tagging language known as HyperText Mark-up Language (HTML). The HTML documents usually have file extensions such as "html" or "htm". The tagging language specifies the format of the document, inclusion of graphics or multimedia files and the hyperlink information. There is a newer, more dynamic form, of HyperText coming into use. That is XML which allows for new commands within the Mark-up fields of the language. As its popularity grows, it may have application in the environmental science
Web servers are very good at providing multimedia information (graphics, pictures, video, sound, music, text, etc.). They provide an excellent tool to deliver commercial products in electronic form and even support the possibility of on-line payment. They can provide a good level of security and encryption. With the use of user names and passwords, certain information can be restricted to certain users. Web sites can be updated automatically although usually they contain textual information that is updated manually. Automation of updates would usually require substantial software development. However, it is routine for operating systems, such as Windows 2000/XP and it is common for virus software applications to have updating done on schedules in the client computers.
Web sites offer the best capability for access to databases over the Internet, including query-type access. Most commercial data base management systems (DBMS) now provide Web support, easing development of Web applications with these systems.
FTP is a common service supported by many servers on the Internet. The protocol supports the transfer of both text and binary files between the server and client computers or other servers. After logging on to the server the clients can navigate through the directories on the server and can download/upload files to/from a client. The files that users are allowed to access are controlled by the configuration of the FTP server. The server can also allow access to the general public through anonymous FTP where users log in with a user name "anonymous" and can use anything for the password.
FTP sites are best suited for exchange of large files. These normally consist of data that are not usually intended for display by Web browsers. Examples of files that are normally distributed via FTP are software and large files intended for special applications programs. FTP can offer a good level of security by requiring users to provide a user name and password before granting a connection. FTP sites are one of the best solutions for the exchange of forecast model data and large sets of metadata information between NMHS automated systems.
E-mail is best used for regular delivery of data, products and information to a limited audience (subscriptions, bulletins) provided that the volume of information to be delivered is not too large. For large files e-mail is often used to notify users that the file is available while the file itself is placed on an FTP server.
E-mail is an excellent tool for communicating with users and for receiving feedback. Various levels of security can be provided. Information can easily be sent automatically through an electronic mailing list. This can be very useful for certain applications. E-mail can also be used for exchanging information between automated systems.
Newsgroups are a very good tool for exchanging information that is intended for a limited audience and that changes rapidly. The information is updated piece by piece by the people participating in the newsgroup. Each participant has a limited role within the newsgroup and thus does not have to spend a lot of time updating their information.
A moderator may be assigned responsibility for the newsgroup. The moderator monitors the messages posted on the newsgroup and enforces agreed rules and procedures.
Newsgroups are usually limited to a community with a specific interest and information can be restricted to certain members via user name/password control. It is also possible to open newsgroups to a large community for read-only access while allowing write access to only certain members.
Newsgroups can be a useful tool for obtaining feedback from users although e-mail is more commonly used for this purpose. They are best suited to active information exchange among a small community of dedicated persons.
Table 2.2 - Summary of the advantages and disadvantages of Internet technologies
|Multimedia/ graphical information||Excellent||Delivery only||Can be used to deliver small multimedia files||Can be used to deliver small multimedia files|
|Regular or operational information||Near real-time delivery is poor||Good if automated delivery possible||Good for small data volumes||Poor|
|Ad hoc requests||Excellent||Good with a Web front-end||Acceptable for simple request||Good for soliciting opinions or information|
|Security level||Password access and encryption||Password access||Electronic signatures||Password access and management of privileges|
|Target audience for dissemination||Wide||Wide||Small||Limited|
|Assurance of delivery||None||Via "PUT" only||Acknowledgement of receipt possible||Automatic notification possible|
|Feed-back from users||Good (via forms or e-mail)||Poor (via e-mail only)||Good||Good|
|Dialogue between users||No||No||Good||Excellent|
|Volume of information possible||High||Very high||Small||Medium|
3. WHAT DATA TO PUT ON PUBLIC SERVERS
Hydrological and meteorological data can be placed on servers as well as documentation about the data or other hydrometeorological subjects. Documentation is normally written in HTML scripted page format to permit display using Web browsers. This permits the browsers to display all kinds of text and graphical information. The hydrological and meteorological data can be coded into HTML, with explanatory text as appropriate, or can be coded as simple text files. Most browsers have the ability to access and display both HTML and text pages using either HTTP or FTP protocols.
Access to HTML pages can be limited to specific users with identification and password controls. This control can be accomplished at the URL level, which connects one HTML page to another. FTP also provides the capability to control access to files via password protection.
3.1 Content suitable for the Web
a. Information about your Service
b. Forecasts and warnings
c. Current weather
d. Climate information
e. Weather facts
f. Hot Environmental topics
g. Related sites
h. Experimental products
Each one of these topics will now be discussed in more detail.
At this poiint it is time to dicuss a need to investigate a development of a standard for files of information about these various contents for ease of exchange between centers. As the variety and volume of data increases, the need for describing those data by “Metadata” in an unambiguous way and through a standard approach becomes essential. CBS, at its Extraordinary session (Cairns, Australia, December 2002) agreed that the ISO standard for geographic metadata (ISO DIS 19115) was suitable for use within WMO as the WMO Core metadata standard. CBS also recommended that XML be reviewed as possible form to be adopted as the common language (or format) for metadata exchange. Several further developments are required and are being carried out by CBS and other WMO Technical Commissions. Currently there are also other evolving forms being developed by the commercial industry, such as XUL.
a. Information about your Service
Information about your NMHS and your mission and organization is best presented via the Web. Short descriptions of your organization and its programs should be presented in an attractive way so that Internet users immediately know whether they have reached the site they were looking for. This information might include the vision, mission and history of your NMHS as well as information on how users can contact your NMHS. Contact information commonly includes street and postal addresses, telephone and fax numbers, e-mail addresses, etc. The organizational structure of your service could also be presented along with a directory of staff, in accordance with local regulations. A note of significance, your customer is a short e-mail away. Your NMHS now needs the ability to respond and quickly in this electronic environment. Your responses are a statement of policy, like any written correspondence from your NMHS. A prosess needs to be established internally to handle this new workload. This is part of the advantages to making your agency known. If you are popular to your customers you provide support for your NMHS, an excellent advertisement.
Many NMHSs also provide information on training opportunities and job openings within their organization and guidance manuals of all types.
b. Forecasts and warnings
This is the core of your web site. In deciding what information to put on the NMHS Web server, a decision should first be made as to what will be provided freely to the public and what will be restricted to special users. In general, current practice for many NMHSs is that forecasts less than 24 hours duration and that provide basic information to the public for everyday activities are made freely available. This usually includes safety information (such as severe weather watches) when and where necessary, for example safety at sea and aviation/marine search and rescue.
Policies concerning additional or value added services vary from service to service and should be determined locally. The NMHS should consider whether or not to charge for services that provide media exposure and therefore free publicity.
With the above in mind, it is possible to evaluate each product to determine if it should be provided through open or controlled access.
One of the best ways for NMHSs to use this technology is to provide text information for public access. The local forecast offices of the NMHS produce many products and making them available to the general public or other NMHSs via the Internet can greatly enhance the prominence of the NMHS. This can also supplement current dissemination systems.
Text or graphical forecasts and warnings provided via the Web might contain, for example:
- Current warnings and advisories
- 0 - 48 Hour forecasts (national, travellers, aviation, marine, etc.)
- 1 - 14 Day forecasts
- 30 Day or seasonal outlooks
c. Current weather
Land and ship surface data and upper air data are often made available, usually in the original code transmitted for World Weather Watch exchange. Upper air station reports can be made available via FTP, as most users would like to either display soundings or ingest the data into software modelling applications.
In general, observations provided via the Web might contain, for example:
- Current observations (temperature, precipitation, wind, etc.)
- Satellite images
- Radar images or composites
d. Climate information
The web as a means for providing this information is excellent. The graphics and color capability plus the normal nature of climate forecasts having long time period coverage makes this an easy means of communicating these products to your customer public as well as providing a means of exchange between NMHS producers and NMHS users. Examples of products are:
Climate summaries and anomalies (daily, ten-day, 30-day precipitation totals and extremes; mean, maximum and minimum temperatures, sunshine, humidity, etc.)
Metadata (station locations, exposure, instruments, and history of moves, etc.)
e. Weather facts
Information about the science of meteorology, hydrology and the environment are often made available via the Web. This might include a cloud atlas, information on meteorological instruments or weather phenomena and a glossary of terms. Definition or background on information in the headlines such as general information on El Niño might also be provided.
f. Hot environmental topics
Information that is new or considered important for the viewer to see should be highlighted in some fashion. Normally this can be accomplished by placement on the page, linked from the homepage or placed on the home page, or by using blinking HyperText. The types of information to be presented are up to the NMHS. However, subjects such as the latest warnings, new products available or NMHS events (e.g. conferences) could be items for this area.
g. Related sites
h. Experimental products
Some services provide access to experimental products via their Web servers. These might include monthly and seasonal outlooks, ENSO advisories, etc. These products should be clearly labelled with their intent for use. It should be stated that they could be removed at any time and there is no commitment to maintain them for future use.
3.2 Content suitable for FTP servers
Almost any kind of digital information can be placed on FTP servers. As noted in section, 2.3.2, FTP is best used for very large files targeted at specific audiences. It is commonly used for dissemination of raw data and product files in ASCII or WMO binary representation forms. It is also widely used to distribute software. The concern here is to control the amount of bytes that can be downloaded per unit time. A site and local network can become overloaded and access denied to others if the request is for too much at one time.
3.3 Content suitable for dissemination via electronic mailing lists
Subscriptions, regular bulletins, announcements, press releases, etc. are suitable for dissemination via e-mail. E-mail could also be used for the dissemination of advisories and warnings for specific users. However, its use for this purpose must be regarded with caution since timely delivery is not guaranteed.
3.4 Content suitable for Internet newsgroups
Frequently Asked Questions (FAQ) and answers are usually placed on newsgroups. Newsgroups also allow users to ask questions while expecting other users to reply so that all participants can benefit from the question and its answer.
4. EXCHANGE OF DATA AND PRODUCTS BETWEEN NMHSs
NMHSs may wish to use the Internet for the exchange of data and products. However, this is not recommended for time critical operational data and products since the dedicated Global Telecommunications System (GTS) and the NMCs store-and-forward message switching systems were designed and developed for that purpose. The Internet is a public communications network shared by many users. Therefore, performance and access between NMHSs can vary greatly at different times of day and at present the Internet service is not as reliable as international dedicated lines in certain parts of the world. However, it is also recognized that the Internet may be the only way to exchange certain products. Some types of data, image products, climate products, large files or graphic maps with colour may not be obtainable on some links of the GTS. The use of the Internet between NMHS systems can supplement the GTS for the exchange of these types of data and products. To reduce exposure to the public of your data exchanges over the Internet you can establish "virtual private networks" (or VPNs for short) over the public Internet. Assuming you want to exchange between two NMHSs, both must establish this connection in coordination with the network service carriers. As this is a encryption process, encryption and decryption routers at both ends must be configured. See details of VPN in the GTS Word79 documentation. [This document may take a few minutes to download into your word software.]
4.1 The File Exchange Process
The exchange of data and products between NMHSs can be accomplished with file transfers using standard FTP. The exchange of files requires that both ends of the exchange understand the directory and file name structure used at both NMHS servers. A good way to accomplish this is for each NMHS to document in Web pages the IP addresses of their servers and their file and directory structure and describe the file naming structure they are using. Some directories on a file server may be subject to access control while others may be open for access through anonymous FTP. At the command level, the FTP exchange is accomplished with either a "PUT" or "GET"command. These comands are contained within the FTP applications, such as WuFTPD on the client and WsFTPD on the server. The PUT command is used to place files on a server and the GET command is used to retrieve files from a server. There is a commonly used FTP command that permits a client to see what files are available on a server. This is the list (ls) command. The server will responed with a list of all of the files in the specified directory, much like your computer does on your "C:" drive. Most all server FTP applications will list the files and it is very resource intensive. Repeated requests for a directory filelist can act like a denial of service attack on a server. It is best to not permit automated software applications to list files. The two data exchange processes are described below.
4.1.1 FTP PUT
The PUT command (or write) sends a file from your site to the server at the remote site. This process allows the sending server to control when the exchange is to take place. The benefit is that no action occurs until there is a file to move. The server at the receiving end must, however, keep checking their server to find out when the transfer has taken place. There are many ways to help minimize this effort such as notifying the remote server that the transfer has been made. An agreed procedure must be arranged between the two sites.
Typically before transferring a file verification of the connection is made. If a connection can not be established the sending system can attempt to send at a later time, when the server can be reached.
4.1.2 FTP GET
The GET command (or read) retrieves files from a remote server. This process allows you to control when to retrieve a file from another FTP server. A limitation with this approach is you may not know when a file you want is available. Many users attempt to retrieve files before they are available. This can overload the server and prevent other users from retrieving files. Therefore, care should be taken not to determine file availability using a rapid cycle of connecting and reading. Two NMHSs that are exchanging data should determine the process they will use for notification of file availability. There are several approaches, but all include timers and status files so that the recipient can control when the files are to be read. The FTP is a passive process and most FTP servers will set timeouts for sessions to clean out old processes, as a retriever (or read) can leave a process up (or open) tying up limited server threads for FTP sessions.
4.2 File Formats and Data Availability
The format of files, directory tree structures, and names of files are all relevant to exchange of data and products for NMHSs. These must be addressed while arranging exchange procedures between two NMHSs. Descriptions of directory trees and data contents should be available to all NMHSs, either locally on Web servers or through published documentation. At present there is no established mechanism exchange of this information.
More details on the exchange of files using FTP can be found in the Recommended Practices and Procedures for the Implementation, Use and Application of TCP/IP on the GTS (Word97, pdf). The procedures described in that guide are of course applicable to the Internet as well as the GTS.
5. NAMING AND DESCRIBING DATA
5.1 File name and directory standards
There is currently no WMO standard for file names. After careful consideration it has been recognized that different solutions are needed for particular purposes or local system configurations. Some standards are best for automatic processing while others are more suitable for human readability. It should be noted that CBS, at its Extraordinary session (Cairns, Australia, December 2002) agreed upon a file naming convention for operational routeing and distribution of information between NMHSs. To facilitate a smooth transition from the current GTS message headers, CBS recognized that a transition period would be required and it was requested that a maximum of 5 years be provided to implement this new recommended practice, and that detailed complementary procedures were still required.
5.2 Documentation for users
Documentation describing data and products should be placed on Web sites for interactive access. It is recommended that NMHSs use HTML pages to describe the construction and content (including subdirectory and file names) of the information placed on their server.
Directory structure and filenames on FTP servers need to be made available to the users of the service. For files accessed via FTP, documentation defining the file naming procedure should be made available by the NMHS. The directory structure, subdirectory tree and file names and data availability frequency should be part of the documentation. Also, users should be informed of the times that the files are written or updated. All of this information is often made available in a text file named readme.txt
5.3 E-mail naming conventions for your organization
It is recommended that each NMHS develop a convention for construction of e-mail addresses of its employees. This makes it easier for outside users to determine e-mail addresses of staff they might wish to locate. Many Services use an address consisting of the FirstName.FamilyName@ServiceDomain, for example, Jean.Picard@meteo.fr
As an alternative or in addition to a naming convention, many, especially large, NMHSs also provide an interactive directory of their staff, which allows users to search for staff members by name or department and determine their e-mail addresses, telephone and fax numbers (in accordance with local regulations).
5.4 Search engines
The Internet provides access to many search engine sites operated commercially by companies. These sites provide links to all types of topics accessible via the Internet. They permit you to find any server that could contain information related to particular areas of interest.
To utilize search engines, you link to them through popular URL addresses. You can then enter queries or key words to find the URL location of sites containing information you are interested in. There are over 100 search engines currently available on the Internet. A few of the more popular sites with global coverage are listed below. (Click the back icon arrow on your browser to return.)
- http://www.yahoo.com/ (jump to a commercial server)
- http://www.google.com/ (jump to a commercial server)
- http://www.altavista.com/ (jump to a commercial server)
- http://www.go.com/ (jump to a commercial server)
- http://www.msn.com/ (jump to a commercial server)
- http://www.excite.com/ (jump to a commercial server)
- http://www.profusion.com/ (jump to a commercial server)
Web search engines sites are very useful as means of notifying the Internet world at large that an NMHS Web site is available. To permit your NMHS's Web presence to be included on search engines requires notifying them through hyperlinks provided on their homepages. There are also commercial sites that notify the major search engines at a small cost.
The ability to be linked from a major search engine site requires that you build your pages (especially your homepage) with the appropriate HTML "metatags" at the top of your Web pages. Metatags that are imprtant for search engines are the "KEYWORDS", "DESCRIPTION" and "TITLE" tags, as most search engines will key on their text for inclusion in their directories. Some of the engines use the words contained in the "TITLE" tag for the link description in their page. There are companies that will review your pages for content and rate the site as to the type of information it contains. This can be important, as without this information in a metatag some search engines will not include your site in their directories.
6. PROTECTING SITES FROM UNAUTHORISED USE
Please note that this chapter is not intended to be used as technical reference material and does not provide practical solutions, but only outlines issues NMHSs should consider when determining their own solutions. It focuses on server security and not network security.
6.2 Fundamental security issues (Information Technology security framework)
It is necessary to consider at least the following issues before placing a server online. For example, The British Standards Institute has published a list of ten key controls for checking if basic security is implemented. They are:
- Information Security Policy Document
- Allocation of security responsibilities
- Information security education and training
- Reporting of security incidents
- Virus controls
- Business continuity planning process (disaster backup)
- Control of proprietary copying
- Safeguarding of Company records
- Compliance with data protection legislation
- Compliance with security policy.
All of these aspects require considerable attention and care.
6.3 Best practices for Internet servers
The following is a copy of http://www.boran.com/security/webserver_practices.html, with comments for added clarity. The source text is in Italics.
PROBLEM: Public Web servers continue to be attractive targets for hackers seeking to embarrass organizations or promote a political agenda. Good security practices can protect your site from the risks such compromises create.
PLATFORM: Any UNIX platform or Windows NT system being used as a Web server.
DAMAGE: Damage can be anything from a denial-of-service attack, the placement of pornographic material, the posting of political messages, or the deletion of files or the placement of malicious software.
SOLUTION: Follow known best practices and apply software patches as soon as your incident response team or your vendor announces them.
BEST PRACTICES IN MANAGING World Wide Web SERVER SECURITY:
A. System security
Network filtering: Place your Web server(s) in a DMZ. Set your firewall to drop connections to your Web server on all ports but http (port 80) or https (port 443).
A DMZ (De-Militarised Zone) is the term for a no-man's land between the Internet and the internal network. This zone is NOT in the internal network, but is NOT widely open on the Internet. A firewall or a router with IP address filters applied usually protects this zone with network traffic filtering capabilities. It is also good practice to put FTP servers within the DMZ, thus requiring FTP-port (21) and FTP-data-port (20) to be accessible.
Host based security: Remove all unneeded services from your Web server, and a secure login capability such as secure shell. An unneeded service can become an avenue of attack.
It is recommended all software and protocols that are not needed on the host be removed. For example, sendmail (which is the most common e-mail server available on Unix platform) is particularly susceptible to attack. Every week or so, a bug is discovered. Updating sendmail is an endless task so removing it from the server is often the best solution.
Limit the number of persons having administrator or root level access.
This is true for all cases but is especially important for servers connected to the Internet.
Apply relevant security patches as soon as they are announced and tested on a pre-production system.
Security weaknesses are regularly discovered. For those relevant to your type of host and servers (FTP or Web) you should install software updates (patches) whenever they are made available. It is a good practice to install them on a backup system to check for non-desirable effects.
Disallow all remote administration unless it is done using a one-time password or an encrypted link.
If access to your FTP or Web server were to be done via an unsecured connection, all information typed might be seen by unauthorized eyes. This is particularly dangerous for system administration.
If the machine must be administered remotely, require that a secure capability such as secure shell be used to make a secure connection. It would also be good to limit these connections only to a minimum number of secure machines and have those machines reside within your Intranet.
To prevent the above risk, if, for example, you must administer your system remotely, use secure shell (a system where all information exchanged between client and server are encrypted). The two last points are probably not very easy to follow. If there is no other solution, it is very important to minimize risks. If you have to telnet to access your FTP or Web server, you should install a tool like tcp_wrapper. To our knowledge, this only exists for Unix hosts, and is not available, at least under that name for Windows NT. This software, before allowing access via telnet, determines if the calling IP address is allowed or not. Section 6.4 discusses IP and DNS security.
B. Configuring the FTP/Web service/application
Run the web server in a chroot-ed part of the directory tree so it cannot access the real system files.
Run the anonymous FTP in a chroot-ed part of the directory tree that is different from the web server's tree.
As above, it is advised to create a limited access space to keep anonymous FTP out of the Web server tree. In some configurations, FTP servers rely upon files to be kept secret (password lists, etc.). Otherwise, if the Web server shares the same directory tree, it might be possible to read files via http, and then compromise the FTP server. However, this is server and operating system dependent.
Remove ALL unnecessary files such as phf from the scripts directory /cgi-bin.
The method is always the same. The simpler the server, the more secure it is. Therefore, all unnecessary files should be removed. The example above concerning "PHF" is especially instructive. With the first release of the NCSA http server, this PHF tool was provided and installed by default. Nobody really noticed it, except some hackers, who used a weakness in this tool to gain unauthorised access to systems.
Remove the "default" document trees that are shipped with Web servers such as IIS.
Apply relevant security patches as soon as they are announced and tested on a pre-production system.
Whatever the efforts being made to protect your hosts, you should know what is happening on your server. The usual way to do so is to log important information. Nonetheless, it can be difficult to locate critical information within a large log file. Commercial software is available to assist in this effort.
It might be necessary to open security holes between the DMZ and the internal network to collect logging information. For example, some monitoring tools require access across the firewalls in order to operate.
Log all user activity and maintain those logs either in an encrypted form on the Web server or store them on a separate machine on your Intranet, or write to "write-once" media.
Hackers might try to erase the evidence of their activities from the log files. Keeping the log files inaccessible (encrypted or on a remote system) is therefore essential to be aware of attacks.
Monitor system logs regularly for any suspicious activity.
Create macros that run every hour or so that would check the integrity of password and other critical files. When the macros detect a change, they should send an e-mail to the system manager, write messages to logs, set off a pager, etc.
To gain unauthorised access to a system, or to use it for inappropriate purposes, it is often necessary to modify critical files. That is why tools like "tripwire" can be used to calculate checksums on the files. Any changes in the checksums indicate that the files have been modified.
D. Content management
Do all updates from your Intranet. Maintain your Web page originals on a server on your Intranet and make all changes and updates here; then "push" these updates to the public server through an SSH or SSL connection. If you do this on an hourly basis, you can avoid having a corrupted server exposed for a long period of time.
SSH (Secure Shell) and SSL (Secure Socket Layer) are two common solutions for encryption between hosts.
Write a script to download HTML pages and check against a template, if changes are noted, upload the correct version.
E. Intrusion Detection
Scan your Web server periodically with commercial tools like ISS or nmap to look for vulnerabilities.
ISS (Internet Security Scanner) is a commercial tool that can be used to monitor security on the host.
Have intrusion detection software on your computers and servers to monitor the connections. Set the detector to alarm on known exploits and suspicious activities and to capture these sessions for review. This information can help you recover from an intrusion and strengthen your defences. On your PC there are several products such as "Norton Internet Security Propessional" that can be purchased in local computer software stores.
As described above, security is an unending story. One can limit the risks by following all of the advice given above. However, some of the recommendations might be difficult to implement and many NMHSs will probably implement a subset. There is no minimal subset that is applicable to everyone to provide a sufficient level of security. NMHSs must determine what risks are acceptable in their particular situation.
6.4 Access control
Once the server is configured it is necessary to determine access control policies. That is, who is allowed access to what information. By default clients can read every file put under the directory tree of the Web server via http; however, NMHSs may wish to restrict access to certain information.
6.4.1 Web servers
Most Web servers available on the market offer two control systems.
host control based on IP address or host name
a. Host control
When a client connects to a server, the client address is the first information received by the server. Based on predefined rules, access can be granted or denied. It is recommended to use IP addresses instead of names. Using IP addresses is a better solution for two reasons: the server is not required to look up an address, which can slow response times; and it is quite easy to fake host names. Nonetheless, faking IP addresses is also possible (albeit more difficult) so this mechanism should not be used without clearly understanding its limitations.
b. User Authentication
As usual, when logging into systems, the user must authenticate himself with user name/password. The main problem with the default configuration is that passwords are sent on the Web in clear form (i.e. not encrypted). Tools used to monitor the exchange of traffic between hosts ("sniffers") can read the information.
6.4.2 FTP servers
For FTP servers, depending upon the operating system and the server itself, only a subset of the control available for Web servers might be possible. The two most recent FTP servers with access control are BeroFTPD and ProFTPD. Both are free software available on the Internet. However, because they are free, attackers can get them aslo and find ways to break into your systems.
6.4.3 E-mail and newsgroup servers
Access to e-mail and newsgroup servers is controlled by only the general mechanisms that protect the host. There are no additional standard protections available for e-mail server software. These services are sacrifical and you must keep backup copies if the systems for complete replacement when needed,
6.5 Protecting your NMHS GTS operations from the Internet
When designing your Local Area Network (LAN) within the NMHS to handle both GTS data connectivity and Internet connectivity, you must separate the two networks either physically or through the use of firewalls. There must never be any ability to allow Internet traffic onto the GTS via the routers. A design that controls IP traffic through sub-network address screening must be a part of internal NMHS LAN design.
The design should follow levels of security such as a simple design router and firewall protection from outside attacks. Again, review http://www.boran.com/security/webserver_practices.html above. The best way is to use a combination of router network controls and firewall traffic checking. Protocols such as HTTP, telnet, SMTP and FTP protocols must be blocked from entry to the secure side. Allowing controlled FTP to pass through the firewall to the open server resources is a way to deny public access to the critical systems and at the same time make data, documentation and forecast products available on Internet accessible servers. The firewalls can act as flow control and IP sub-network address level entry control. What this means is to allow only known internal LAN network addresses through a firewall.
The LAN network configuration diagram provided here is an example of a LAN based NMHS MSS complex that will control GTS access to the central core switching system resources.
This sample design protects the Message Switching System (MSS) file server data base from the open Internet. The design will allow for file transfers from a file server containing the original operational files out to a file server that is accessible to the Internet. The Internet file servers would be accessible for TCP/IP FTP file exchange for other NMHSs as well. The NMHSs could exchange files of metadata or files of forecast products in GRIB or BUFR. All Web (HTTP) and File (FTP) services are open to Internet access for those sub-directories designated as open and they would contain information available to the public. The Internet accessible servers would be the staging of received products (into sub-directories under password control) from other NMHSs and the server would move the files back to the production system file systems through the firewall system. The servers used for Internet access must also contain limited server port access control. For example allowing only HTTP and FTP ports to be open, without account and password control. This permits telnet access to a limited number of people, for example, to support server maintenance of files. For security reasons, never use the File server for e-mail. The architecture for a National Meteorological Centre can be much more complex. However, illustrations of such designs are not the purpose of this guide.
1 The U.S. Department of Energy (DOE) has a Computer Incident Advisory Committee (CIAC, http://www.ciac.org/ciac/) which is one of the oldest and most reliable security references available on the Web. It is internationally recognized for its contribution to the Internet community. CIAC is a founding member of FIRST(Forum of Incident Response and Security Teams), a global organization established to foster cooperation and coordination among computer security teams world wide.
Securing Internet Information Servers available at (http://www.ciac.org/ciac/documents/ciac2308.html) is particularly relevant.
7. LEGAL/ETHICAL ASPECTS OF INTERNET SERVERS
7.1 General Considerations
Web Sites should ensure that their presence on the Internet fulfils mission requirements in a professional manner. They should also ensure that information that they make available via the Internet is accurate, relevant, up-to-date, and is professionally presented.
NMHSs should take adequate precautions when processing data or storing data on computers connected to the Internet and when transmitting data to others over the OPEN Internet. Given the extreme vulnerability to viruses and other malicious software, the NMHS should ensure that processes and procedures to minimize risk are in place.
It is important to note that, aside from some common-law restrictions in individual countries, the Internet as a whole is essentially a non-regulated global ensemble of a myriad of component networks owned by various communication carriers. There is no code of ethics and practices applicable to the particular interests of the meteorological community. However, there are areas where some form of voluntary self-regulation may be desirable, as with the recognition and accreditation of the sources of data or products posted on another Member's Web page. The same applies to the use of pointers and hyperlinks to the sites of other organizations: the visitor should be made aware that the information he is accessing is actually located elsewhere. Resolution 40 (Cg-XII) and Resolution 25 (Cg-XIII) apply to any exchange of relevant data and products and thus data and products placed on Members' servers should be consistent with these provisions.
Although advertising is not currently a widespread practice on NMHS Web pages, it is foreseeable that some Services may decide to include advertising for third-party products, perhaps in the form of banners or buttons on their pages. Care should then be exercised, as the apparent endorsement of some these products may compromise the credibility of a NMHS, or that of another link-related NMHS.
Members should always promote the NMHSs of other countries, as the prime source of information for those countries. This can be done quite simply by providing links to the Web sites of other NMHSs and, most easily, through the corresponding page on the WMO server (English version page).
7.2 Copyright and disclaimers
Web pages often include material, such as graphical illustrations, that is protected by international copyright and care should be exercised when "adapting" such artistic elements for self use. When using any trademarks or service marks, it is recommended that the (TM) or ® (R) symbols be used, as appropriate. By definition, trademarks are used to identify tangible goods, while service marks are used to identify services.
Posting complex products intended for interpretation by professionals on Web pages may pose a problem whenever they can be readily accessed by inexperienced users as these users may easily misinterpret them and use them to make wrong decisions. Thus, it becomes particularly important to publish adequate disclaimers on main pages. These disclaimers should be drafted with considerable care with regard to local legislation, preferably with the assistance of national lawyers.
As an example of copyright and disclaimer text, the USA National Weather Service (NWS) uses the following, which with some modifications for local law and conditions, could be used by other NMHSs.
Use of data and products
The information on government servers are in the public domain, unless specifically annotated otherwise, and may be used freely by the public. Before using information obtained from this server special attention should be given to the date & time of the data and products being displayed. This information shall not be modified in content and then presented as official government material.
The user assumes the entire risk related to its use of this data. NWS is providing this data "as is," and NWS disclaims any and all warranties, whether express or implied, including (without limitation) any implied warranties of merchantability or fitness for a particular purpose. In no event will NWS be liable to you or to any third party for any direct, indirect, incidental, consequential, special or exemplary damages or lost profit resulting from any use or misuse of this data.
As required by 17 U.S.C. 403, third parties producing copyrighted works consisting predominantly of the material appearing in NWS Web pages must provide notice with such work(s) identifying the NWS material incorporated and stating that such material is not subject to copyright protection.
Any reference from NWS Web server service to any non-government entity, product, service or information does not constitute an endorsement or recommendation by the National Weather Service or any of its' field offices or employees. We are not responsible for the contents of any "off-site" Web pages referenced from NWS servers.
7.3 Page frames and "jump pages"
HTML allows the browser window to be split into smaller sub-windows or frames. The use of frames makes it possible for a Web site to appear to include pages from other sites within its own page. This can cause problems, for both the referenced and referencing pages. If your own pages are included within another site's frames it appears as if your page is theirs and information around the frame could be embarrassing to your site, as inappropriate banners can be displayed around your Web pages.
HTML provides the capability to prevent a page from being included within a frame. It is recommended that you include the appropriate commands within your own home page to prevent this possibility (see the source code of http://www.nws.noaa.gov/ for an example). Furthermore, if you are using frames within your own site you should seek the permission of any other sites before including remote pages within your own frames. In general, it is recommended that you remove your own frames when linking to other sites.
Since it is very common for hyperlinks to point to pages outside the local server, users can sometimes become confused as to who is responsible for the page they are currently viewing. This can create problems if users believe a page is an "official" NMHS page when it is in fact a page at another site. "Jump pages" are pages that are used at a site to inform the user that they are following a hyperlink and that they are leaving your site. Jump pages normally contain the name of the site you are going to and a notification that the user is leaving your own site. These pages can use timers to execute the jump after a brief period to permit the viewer time to read the notice. It is recommended that all NMHSs use this capability, as users do not normally know when they are switching from one Web server to another.
8. GUIDELINES ON THE CONSTRUCTION OF NMHS WEB SITES
8.1 Introduction to Web technology
8.1.1 Multimedia content
Web documents can include graphics, sound and movies as well as text. Graphics are usually provided in GIF or JPEG format. GIF is generally preferred for artwork while JPEG is better for photographic images. The GIF format also supports the storage of multiple frames of graphics in one file and the animation of these frames. Most popular browsers can display all GIF, animated GIF and JPEG files.
When including images in Web pages it is recommended that the pages include alternative text to be displayed if the user is unable or unwilling to download the image. Normally the reason is connectivity speed to the Internet from the client. The download time can be very long on large graphics. There is a common pratice of providing a "thumbnail" image with the opton to retrieve the full picture. This includes the byte count (size) of the original graphic. A "thumbnail" is a smaller version of the original.
Static and streaming audio and video can be included in Web documents in a number of formats but browsers often require additional software to play them. Static clips can only be played when the whole file has been downloaded while the streaming media can be played while the clip is being downloaded. Audio and video requires high network bandwidth and are not very often found in NMHS sites and are not recommended to be included on front pages
8.1.2 Navigation tools
It is recommended that the name and logo representing the NMHS and a hyperlink to the starting page of the site be placed on every Web document. Thus users who may have reached the site following a hyperlink from elsewhere can find and view other documents made available on the server.
Frames can be used to assist navigation. It is a common practice to dedicate a narrow frame at the margin of the browser window for a menu of hyperlinks to facilitate navigation within a site.
Another navigation tool used in Web documents is the image-map. This is a graphic that has a number of "hot spots" on it. Each of the hot spots maps to a URL. When a hot spot is clicked, the URL is triggered. Depending on the implementation of the server and client software, the look-up of coordinates on the image to URLs can be done by the client or the server.
8.1.3 Dynamic documents
With the navigation tools described above the user is given a menu of documents to choose from. The number of menu items is limited in order to keep the menu manageable and usable by the user. There are however techniques which enable more effective interactions between user and server.
HTML supports the inclusion of forms in the Web document. Input windows, check boxes and menus can be created in the form. The user can enter data on the form and "submit" it to the server by clicking a button on the document. The server then collects the data and returns customised products, which are generated in real time, to the browser. The processing of the input data and generation of products are usually done by CGI (Common Gateway Interface) scripts which reside on the server. The script can be written in any programming language supported by the server system. Besides, forms may also be used to collect other user information such as user feed back or profiles of the user community.
22.214.171.124 Server Side Include
Variables can be inserted in HTML documents using the Server Side Include command. When a document with a Server Side Include variable is requested from the server, the server may insert in the document at the point of the command date/time, the content of another document or output of another program it launches.
8.2 Implementation issues
The implementation of a Web site must consider the services to be offered (whether to include both FTP and HTTP services), whether or not to monitor use, reliability of the servers, arrangements for backup, staff resources, response to feedback from the user community, etc. NMHSs should be aware that the Internet is a very complex network and reliability and response times are often beyond the control of their Service. Therefore, users should be informed that even though the NMHS server is maintained operationally and is running without significant load, it might sometimes be difficult to connect or retrieve pages due to network congestion or other external problems.
The following areas concerning Web site resource requirements need to be addressed:
A LAN with connectivity to the Internet (link capacity determined by expected audience)
A server and backup, with capacity determined by anticipated level of use and amount of content
A group of client workstations to use for software development and access to the Web server.
Staffing resources to support the operation.
- Webmaster (site manager)
- Text writer (developer of page content)
- Server software administrator (establish file names and directories)
- Graphics and page designer (HTML development)
- Product services (data management – to maintain data currency and page changes)
8.3 General guidelines on Web page design
Your Internet server should provide knowledge, or improve the way users/clients can accomplish an important task through the use of weather information, be it a forecast or climate data, etc. The information should be interesting to the clients and they should be able to learn something from it.
Relevant, high-quality content is paramount on a Web site. Everything else is less important, including look, ease of use, uniqueness to the medium and promotion. It is therefore important that information posted on your Web server be kept up to date. Outdated or obsolete information discourages users and can damage the reputation or image of your NMHS.
All pages, starting with the homepage, should be constructed according to a common style so that users will recognize pages from your server, even if they have "bookmarked" pages from lower in your page hierarchy. This is particularly important if your NMHS maintains more than one Web site on the Internet.
All pages should be dated, and a group name or page author name should be included to permit routing of inquires from feedback by users.
Web design groups and HTML style guide recommendations are accessible on the World Wide Web. It is recommended that designers go to the major search engine Web sites and search on desired topics.
8.3.1 Ease of use
Web Site Usability addresses the way Web pages are constructed, including hyperlinks to other parts of the same page, other pages on the site, or to other Web sites. The links need to clearly indicate what the user should expect to find if he/she moves to that URL. There are books on the design of a site with "usability" as a key element of consideration. These design guidelines allow users to find what they want quickly and easily. Aspects of usability include placement of text on a page, bold fonts, "alt tags" in graphics, and path design to meet logical thought. It should be stated here that web page presentations are like publishing a newspaper or book. Knowledge of good techniques on how to present your subject matter along with the HperText functionality of an HTML document can be a powerful presentation. Doing it right leads the view through a complex and unformiliar subject area quickly and allows the audience to find things easily. As network connect time carries a cost for client users, quick page loadings may keep a customer where slow page loads can lose customers. There are many new books on the market that addresses this new presentation subject. For example a book titled: "Web Site Usability: A Designer's Guide" originally written in 1997 and updated in November 1998 by Jared M. Spool is an excellent starting place on the subject, even though it is somewhat dated in this industry. A search on the Internet using a major search site (like Google.com) can lead you to many discussions on this growing scientific and psychological subject.
It should be easy for users to quickly and easily obtain the information they seek. Graphics slow down access and should be used sparingly. Animation and audio have their uses, but should be used only where necessary. The key in all cases is that page size and image content control download times and 30 seconds or less at commonly used connection speeds is a good measure of an acceptable size for an HTML page.
If graphics must be used, such as for climate data, they must be easily read. If the reader must read instructions on how to interpret the graphics, interest is lost.
It is often useful to provide a search tool to allow users to rapidly find information that is not easily retrieved by browsing through the Web site menu and sub-menu items. You should ensure the search is limited to files present on the local Web server. It is also useful to provide a Web site directory or index. This would provide a synoptic view of the Web site content with topics and sub-topics indicated on a single page.
Simple language and terminology should be used. It is best to avoid colloquial, or idiomatic language or expressions. For a national audience, national requirements dictate the languages to be used. For an international audience, it is recommended that sites provide pages in multiple languages or consider use of a translation service.
The most exciting, or newest content, should be boldly promoted. For example, a press release on the latest weather event or a forecast of significant weather expected should be highlighted.
Pages should not be too long. Ideally pages should fit on a display screen with minimal scrolling required. Otherwise, a table of contents with links to subsections should be provided at the beginning.
Do not make pages too complicated.
Different forecasts, climate data, etc, should be on separate pages. That is, the user clicks on an icon for a forecast, reads it and then returns to the selection page.
Ideally, all pages should be reachable through a minimal number of links.
8.4 Guidelines for presentation of weather information
8.4.1 Weather reports, forecasts and warnings
Weather reports and forecasts can be presented simply as text in Web documents. Images can be used to depict the weather conditions. For weather reports or forecasts over more than one location, maps showing the distribution of meteorological parameters such as air temperature and weather conditions are commonly used. If there are large number of different locations to be presented, an image map or a form may be used to assist the user in selecting the location or data of interest.
Warnings for hazardous weather can be presented as text in HTML documents. Animated GIF labels can be added to attract attention. Unlike other perishable media such as radio or television, in providing warnings on the Web operational arrangements should be made to remove the document when the warnings are cancelled (when the weather improves). Since there is usually no fixed schedule for warning dissemination, the user will need to access the relevant document from time to time to check the warning status.
8.4.2 Weather maps
Weather maps are usually provided in GIF and JPEG format. When using graphics, attention should be given to the size of the image and of the file. Bearing in mind the typical hardware being used by users, the image should, as far as possible, fit into the display without scrolling and should not take too long to download.
8.4.3 Time series
To present the variation of parameters such as air temperatures, rainfall amounts etc. over time, line graphs and histograms are often used. The graphics can either be produced on the server at regular intervals when the data series are updated, generated on demand, or generated on the client using the data download from the server. The choice may be made based on the comparison of the download time.
8.4.4 Television weather programs
If your NMHS produces material for television weather programs, the video clips can be made available on the Web server in the form of streaming video or static video files. Special video production facilities are required to generate these files. If streaming video is provided, streaming server software is required on the server.
[This document is a separate web page located on the WMO Web Site in Geneva.]
Statement of Thirteenth WMO Congress on
placing of additional data and products on the Internet
Excerpt from Thirteenth Congress – Abridged Final Report with Resolutions
7.1.19 Congress noted the views and concerns expressed in connection with placing meteorological data and products on the Internet and similar means. Congress agreed with EC/AGE that it was important that the conditions attached to additional data and products placed on the Internet be made known and that the approach to making those conditions known be consistent for all Members.
7.1.20 Congress further agreed with EC/AGE that:
7.1.21 Congress endorsed the recommendation of EC/AGE that with regard to Members placing other Members' additional data and products on the Internet to the research and education community (for their non-commercial use), the following approach should be adhered to by Members in the context of the "best efforts" provision of Resolution 40 (Cg-XII):
EC/AGE - Executive Council Advisory Group on the Exchange of Meteorological and Related Data and Products
Questions and corrections to this guide may be directed to the "Expert Team on Enhanced Utilisation of Data Communication System" members.
Team members can be found through the WMO web site at www.wmo.ch/web/www/BAS/OPAG-ISS-teams.html
OR send you comments directly to the WMO Secretariat in care of the "Senior Scientific Officer" of the Data Management Office of the World Weather Watch:
7 bis, avenue de la Paix
CP 2300 - 1211 Geneva 2, Switzerland
Attention: Pierre Kerherve
Tel: (41) 22 730 8218